Fortinet FortiGate 4000 Switch User Manual


 
74 Fortinet Inc.
Transparent mode configuration examples Transparent mode installation
Transparent mode configuration examples
A FortiGate unit operating in Transparent mode still requires a basic configuration to
operate as a node on the IP network. As a minimum, the FortiGate unit must be
configured with an IP address and subnet mask. These are used for management
access and to allow the unit to receive antivirus and definitions updates. Also, the unit
must have sufficient route information to reach:
the management computer,
The FortiResponse Distribution Network (FDN),
a DNS server.
A route is required whenever the FortiGate unit connects to a router to reach a
destination. If all the destinations are located on the external network, you might be
required to enter only a single default route. If, however, the network topology is more
complex, you might be required to enter one or more static routes in addition to the
default route.
This section describes:
Default routes and static routes
Example default route to an external network
Example static route to an external destination
Example static route to an internal destination
Default routes and static routes
To create a route to a destination, you need to define an IP prefix which consists of an
IP network address and a corresponding netmask value. A default route matches any
prefix and forwards traffic to the next hop router (otherwise known as the default
gateway). A static route matches a more specific prefix and forwards traffic to the next
hop router.
Default route example
:
Static Route example
IP Prefix 0.0.0.0 (IP address)
0.0.0.0 (Netmask)
Next Hop 192.168.1.2
IP Prefix 172.100.100.0 (IP address)
255.255.255.0 (Netmask)
Next Hop 192.168.1.2
Note: When adding routes to the FortiGate unit, add the default route last so that it appears on
the bottom of the route list. This makes sure that the unit attempts to match more specific routes
before selecting the default route.